Security Protection

Recently, System-on-Chip (SoC) technology has been adopted to design smaller, lower-power and cheaper lifetime-secure sensor nodes. In these sensor nodes, we find that there exists a secure memory fraction which stores the part of the application executable binary code, namely “fingerprint”. What's more, the SoC-based tamper-resistant sensor nodes in a network always hold the same fingerprint which is the only secure part that survives not only the physical and side-channel attacks but also the logical attacks throughout the limited lifetime of a sensor node.

Approach

Leveraging the existence of secure fingerprint in each sensor node, we propose FKM, an efficient fingerprint-based key management protocol. In this scheme, we employ a concept of multi-dimension grid key space, in which each coordinate stands for a secret key for node-to-node communication. Any pair of nodes can build a secret key by combining two raw key elements which are randomly selected by both nodes from their fingerprints respectively. By introducing multi-dimension grid key, FKM mitigates the threshold effect and provides strong security under colluding attacks by a large number of nodes. The key renewal and authentication properties of FKM ensure that it can defeat any known attacks with a high probability. Two key reinforcement schemes are also designed to further enhance the time and cost penalty imposed to the attacker by a much larger multi-dimension grid key space. To the best of our knowledge, it is the first attempt at the use of application executable binary code itself to develop a key management protocol.

Systems/Experiments

A thorough analysis showed that FKM supports higher security and superior operational properties while consuming less memory resource compared to the existing key establishment schemes.

Accomplishments

Xiaoguang Niu, Yanmin Zhu, Li Cui and Lionel M. Ni, FKM: A Fingerprint-based Key Management Protocol for Lifetime-Secure Tamper-Resistant Sensor Networks, submitted to MASS 2008